CVE-2023-30192
published 2023-05-12

CVE-2023-30192: Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find().

Priority: P263
Severity: critical, CVSS 3.1 base score 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Tags: EXPLOIT
EPSS: 2.68% (83.9th percentile)

Affected

1 range
Vendor: prestashop
Product: possearchproducts
Version range: not listed
Fixed in: not listed

Detection & IOCs (extracted from sources)

version: possearchproducts 1.7
  • The SQL injection entry point is the PosSearch::find() method of the possearchproducts module; monitor HTTP requests to this module's search endpoint for SQL metacharacters and injection payloads.
  • The detection rule triggers on HTTP responses that contain the string 'products' (case-insensitive) and carry a non-404 status code, which it treats as evidence that the vulnerable search endpoint is present and answered the probe.
  • The Sigma-style rule digest is embedded in the source; verify the rule's integrity against that digest before deploying it.
  • The detection condition matches on response-body content ('products'), so it will also fire on legitimate PrestaShop search responses; tune it with additional SQL-injection payload indicators on the request side.
  • The affected version is explicitly listed as possearchproducts 1.7; scope detection and patching to installations running that module version.